Forrester research indicates that private cloud has entered into the formal IT portfolio by becoming a core part of data center strategy. I have been writing about the sea change underway in private cloud. This sea change means that automating the provisioning of virtual machines and their infrastructure is inadequate in a world where your users expect continuous delivery.

Application developers want to accelerate application stack design and deployment. Your customers expect to consume applications and their supporting infrastructures on-demand and take delivery within minutes.

Doubt this fact? I consistently hear from senior executives about the growth of shadow IT within their organizations simply because the data center cannot meet delivery expectations.

At CiscoLive Milan today, the Cisco ONE Enterprise Cloud Suite was introduced. I can hear your response now…..What another cloud management platform? So I will respond: no way!

Many of today’s solutions are simple toolkits that require IT administrators to customize and maintain integrations between tools, processes, applications and teams. IT needs to become software and infrastructure engineers. End users have expectations of simplicity and out-of-box operation and these tools simply frustrate meeting end users expectations.

Cisco ONE Enterprise Cloud Suite is an engineered software solution not a platform. It delivers a hybrid-ready private cloud software solution that contains out-of-box installation and content. There are out-of-box utensils designed specifically to accelerate the design and deployment of your existing and cloud-first applications – across private and hybrid environments. Learn more by watching this video.

Reducing costs remains amongst the top reasons why organizations use public cloud services. However, when calculating the costs of public cloud services organizations need to look well beyond the license fees and billed costs.

With Cisco Cloud Consumption Services, we have worked with numerous customers to discover their public cloud usage and analyze cloud spend. At Cisco Live Milan, taking place January 26-30, we are sharing public cloud spending trends with our customers. We have found that the hidden or soft costs of public cloud services can be four to eight times higher than visible costs. These soft costs fall in three areas and include business risk, network and security costs, as well as cloud operations and integration.

Cisco’s Scott Clark recently discussed the value of this new business approach for IT and highlighted that by adopting this approach IT can “provide the right private, hybrid or public cloud service, at the right time, and at the right cost.”

Shadow IT is estimated to be 20-40 percent beyond the traditional IT budget. The ease by which organizations can purchase apps and services from cloud service providers (CSP) contributes significantly to this spending. This is an eye-catching number worthy of investigation—not only to identify and reduce costs, but to discover business risks. So, it is no surprise that CIOs and CFOs have started projects to identify and monitor unknown CSPs.

I often get questions from customers asking if it is possible for IT to monitor cloud service usage and discover shadow IT using existing technologies, and what the pros and cons would be.

The first CSP monitoring approach I am asked about is the use of secure web gateways. A gateway captures and categorizes incoming web traffic and blocks malicious malware. The benefit of this approach is that the gateways are typically already in place. However, there are several limitations in relying exclusively on this approach. Gateways cannot differentiate between a traditional website and a CSP which might be housing business data. They also have no way of discerning whether a given CSP poses a compliance or business risk. Most importantly, to use gateways to track CSPs, IT would need to create and maintain a database of thousands of CSPs, and create a risk profile for each CSP in order to truly understand the specific service being consumed.

The second approach I get asked about is whether organizations can use NetFlow traffic to monitor CSPs. Many customers feel that they can build scripts in a short amount of time to capture usage. Simply answered, yes this can be done. But organizations would face a similar challenge as if they were using web gateways. To capture CSP traffic using NetFlow, IT would need to develop scripts to capture every CSP (numbering in the tens of thousands). Then identify how each CSP is being used, the risk profile of the CSP to an organization, and how much the CSP costs to project overall spend. This is just the beginning. An IT department would then need to build reporting capabilities to access the information as well as continually maintain the database; and apply resources to this undertaking on a monthly basis to ensure the database was current.

The good news, Cisco has done this work for our customers! We have developed Cloud Consumption Services to help organizations identify and reduce shadow IT. Using collection tools in the network, we can discover what cloud services are being used by employees across an entire organization. Cloud Consumption includes a rich database of CSPs and can help customers identify the risk profile of each CSP being accessed, and identify an organization’s overall cloud spend.

Cisco has helped many IT organizations discover their shadow IT. For example, we worked with a large public sector customer in North America who was struggling to embrace the cloud, but were concerned about business risks. Employees were pushing for cloud services to improve productivity when 90% of Internet traffic was blocked by the organization’s policy. Despite these restrictions, 220 cloud providers were being used already and less than 1% were authorized by IT. Leveraging Cloud Consumption Services, the customer was not only able to manage risk, but also authorize future cloud services based on employee needs in a controlled manner.

It is a good practice for every IT organization to understand how employees are using cloud services and monitor usage on an on-going basis. I encourage our customers to determine which approach would work best for their organization; otherwise they may face unknown business risks and costs.

To learn more about avoiding the pitfalls of shadow IT and how you manage cloud services, please register to attend an upcoming webinar on Dec 11, 2014 at 9:00 a.m. PT.

In previous blogs I have described how organizations are maturing beyond provisioning of individual servers to provisioning of richer cloud-based application stacks. Known as platform-as-a-service (PaaS), this capability takes cloud technology beyond infrastructure to automate the application life cycle. PaaS allows developers and IT operations to collaborate and ensure that application stacks are consistent and delivered to your customers — within minutes.

Last summer at CiscoLive Orlando, the Application Stack Accelerator for Cisco Intelligent Automation for Cloud (IAC) was introduced and we quickly noticed that PaaS was an extremely popular topic! This popularity has grown. The demand for PaaS is heavy as organizations, probably like yours, look to extend cloud automation to the design, configuration and implementation of the application life cycle. Read More »

Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release Cisco from any liability related to your use of the Website. You also grant to Cisco a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator.